package org.shiki.hrm.config;

import org.shiki.hrm.authenhandle.MyAuthenFail;
import org.shiki.hrm.authenhandle.MyAuthenSuccess;
import org.shiki.hrm.detail.MyUserDatailService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

import javax.sql.DataSource;
import java.util.ArrayList;

@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MySecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
	private DataSource dataSource;

	@Autowired
	private MyUserDatailService userDatailService;

//	@Override
//	@Bean
//	protected UserDetailsService userDetailsService() {
//		User user = new User("shiki", "5408", new ArrayList<>());
//		UserDetailsService manager = new InMemoryUserDetailsManager(user);
//		return manager;
//	}

	/**
	 * 不需要使用密码的加密解析
	 * @return
	 */
	@Bean
	public PasswordEncoder getEncoder() {
//		return new BCryptPasswordEncoder();
		return NoOpPasswordEncoder.getInstance();
	}

	@Bean
	public PersistentTokenRepository createRepository(){
		JdbcTokenRepositoryImpl repository = new JdbcTokenRepositoryImpl();
		repository.setDataSource(dataSource);
		// 设置创建保存token的数据库表
//		repository.setCreateTableOnStartup(true);
		return repository;
	}

	/**
	 * http安全配置
	 * @param http
	 * @throws Exception
	 */
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests() //授权请求访问
				.antMatchers("/login", "login.html", "/smslogin").permitAll() // 放行login
				.antMatchers(HttpMethod.POST, "/sms/send/**").permitAll()
				.anyRequest().authenticated() // 设置其他请求都需要认证
				.and().formLogin().permitAll() // 允许表单登录
//		    	.successForwardUrl("/success") // 登录成功的跳转路径
				.successHandler(new MyAuthenSuccess()) // 登录成功的处理
				.failureHandler(new MyAuthenFail()) // 登录失败的处理
				.loginPage("/login.html").loginProcessingUrl("/login") // 自定义登陆页面
				.and().logout().permitAll() // 放心登出路径
				.and().csrf().disable(); // 关闭跨站访问
		// 配置remember-me
		http.rememberMe()
				.tokenRepository(createRepository()) // 设置存储方式
				.tokenValiditySeconds(3600) // 过期时间(单位为秒)
				.userDetailsService(userDatailService); // 指定要记住的认证用户
	}

	public static void main(String[] args) {
		BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
		String encode = encoder.encode("1");
		System.out.println(encode);
	}
}
